[Bug 2545] reverse DNS lookups shouldn't block login

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Sun Feb 28 10:59:53 AEDT 2016


Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
             Status|NEW                         |RESOLVED
         Resolution|---                         |WONTFIX
                 CC|                            |djm at mindrot.org

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
We don't intend to fix this.

With UseDNS=yes, we need the remote hostname fairly early in the
connection life for sshd_config Match and authorized_keys restrictions,
so doing the lookup asynchrounously wouldn't really help - we'd need to
block at those points anyway until we get an answer.

UseDNS=no is the default for this reason (among others).

You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list